Bug 735044 - semanage permissive -l tracebacks if SELinux is disabled
Summary: semanage permissive -l tracebacks if SELinux is disabled
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: policycoreutils
Version: 6.2
Hardware: All
OS: Linux
medium
medium
Target Milestone: rc
: ---
Assignee: Daniel Walsh
QA Contact: Milos Malik
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2011-09-01 09:50 UTC by Milos Malik
Modified: 2013-03-18 11:06 UTC (History)
1 user (show)

Fixed In Version: policycoreutils-2.0.83-19.13.el6
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2011-12-06 15:31:05 UTC


Attachments (Terms of Use)


Links
System ID Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2011:1637 normal SHIPPED_LIVE policycoreutils bug fix and enhancement update 2011-12-06 00:50:40 UTC

Description Milos Malik 2011-09-01 09:50:43 UTC
Description of problem:


Version-Release number of selected component (if applicable):
policycoreutils-2.0.83-19.12.el6.i686
policycoreutils-python-2.0.83-19.12.el6.i686
policycoreutils-sandbox-2.0.83-19.12.el6.i686
policycoreutils-gui-2.0.83-19.12.el6.i686
policycoreutils-newrole-2.0.83-19.12.el6.i686

How reproducible:
always

Steps to Reproduce:
[root@rhel62 ~]# sestatus 
SELinux status:                 disabled
[root@rhel62 ~]# semanage permissive -l
Traceback (most recent call last):
  File "/usr/sbin/semanage", line 564, in <module>
    process_args(sys.argv[1:])
  File "/usr/sbin/semanage", line 383, in process_args
    OBJECT.list(heading, locallist)
  File "/usr/lib/python2.6/site-packages/seobject.py", line 341, in list
    all = map(lambda y: y["name"], filter(lambda x: x["permissive"], setools.seinfo(setools.TYPE)))
  File "/usr/lib/python2.6/site-packages/setools/__init__.py", line 49, in seinfo
    dict_list = _seinfo.seinfo(setype, name)
RuntimeError: No default policy found.
[root@rhel62 ~]# echo $?
1
[root@rhel62 ~]# 

Expected results:
* either the tool can cope with disabled SELinux and displays permissive domains as expected
* or the tool shows "SELinux is disabled" message as other tools do

Comment 1 Daniel Walsh 2011-09-01 14:48:51 UTC
Milos can you add the following to the end of semanage to make sure it works.

I don't have a disabled machine to test on.

	except RuntimeError, error:
		errorExit(error.args[1])

Comment 2 Milos Malik 2011-09-02 06:52:46 UTC
It didn't work when error.args[1] was used, but it works when error.args[0] is used.

# tail -n 3 /usr/sbin/semanage 
	except RuntimeError, error:
		errorExit(error.args[0])

# sestatus 
SELinux status:                 disabled
# semanage permissive -l
/usr/sbin/semanage: No default policy found.
#

Comment 3 Daniel Walsh 2011-09-03 11:03:29 UTC
Great that is what I was looking for.

Comment 4 Daniel Walsh 2011-09-06 18:33:32 UTC
Fixed in policycoreutils-2.0.83-19.13.el6

Comment 8 errata-xmlrpc 2011-12-06 15:31:05 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2011-1637.html


Note You need to log in before you can comment on or make changes to this bug.